Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/MPv0ZIQf8gF63bRVzj_wdZ-dXZY.roa
File: MPv0ZIQf8gF63bRVzj_wdZ-dXZY.roa (raw, json)
Hash identifier: KkiJFkcyvUz1heqkxBgEPmTtzY4d9T2+9il0WhHIMyg=
Subject key identifier: 30:FB:F4:64:84:1F:F2:01:7A:DD:B4:55:CE:3F:F0:75:9F:9D:5D:96
Certificate issuer: /CN=d8672105752b982174d1040c103817570b8d34d6
Certificate serial: 0194266B474C5BFC315059E52AE911C9199F
Authority key identifier: D8:67:21:05:75:2B:98:21:74:D1:04:0C:10:38:17:57:0B:8D:34:D6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2GchBXUrmCF00QQMEDgXVwuNNNY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/MPv0ZIQf8gF63bRVzj_wdZ-dXZY.roa
Signing time: Thu 02 Jan 2025 09:49:12 +0000
ROA not before: Thu 02 Jan 2025 09:49:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50489
IP address blocks: 91.240.47.0/24 maxlen: 24
185.35.68.0/22 maxlen: 24
192.153.60.0/22 maxlen: 24
2a0c:c640::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/2GchBXUrmCF00QQMEDgXVwuNNNY.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/2GchBXUrmCF00QQMEDgXVwuNNNY.mft
rsync://rpki.ripe.net/repository/DEFAULT/2GchBXUrmCF00QQMEDgXVwuNNNY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 08 Apr 2025 23:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:94:26:6b:47:4c:5b:fc:31:50:59:e5:2a:e9:11:c9:19:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d8672105752b982174d1040c103817570b8d34d6
Validity
Not Before: Jan 2 09:49:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=30fbf464841ff2017addb455ce3ff0759f9d5d96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0a:2d:d4:05:a0:e1:58:19:30:8c:78:6f:e9:
af:ef:3c:6e:6c:84:16:47:45:a1:db:38:82:fa:bb:
22:a7:3c:a9:ba:79:03:27:cb:59:57:81:ec:87:1e:
68:65:d9:6b:a6:33:0e:e6:98:f6:53:1c:c9:e8:97:
97:1a:15:11:ef:ba:27:37:59:ca:91:c0:34:14:4c:
b2:aa:b5:93:41:0c:df:0d:f6:b1:fd:b1:a6:ee:06:
95:86:e9:9a:2b:9c:d8:4b:e8:fb:f7:e9:d9:36:9b:
b1:51:c2:92:01:ef:b4:b1:7b:62:96:a4:f1:be:85:
72:e9:e2:db:bc:bc:01:3d:97:88:2e:62:9e:50:68:
7a:cc:63:e7:da:b3:9f:c7:d2:c7:20:00:7c:92:e0:
60:50:9c:e1:71:14:b7:cd:8e:ab:d2:6d:ec:0c:34:
58:db:b1:fc:a1:a0:0c:bf:8b:ac:c6:66:03:2a:93:
51:1c:13:3d:35:45:d4:22:6f:bd:bf:75:88:02:5e:
4e:17:b4:92:ce:9f:a0:5f:b5:d8:ce:bb:d4:57:84:
94:b4:a8:ba:54:19:df:ee:22:1f:70:6e:38:01:bc:
55:4b:e0:66:f0:d2:6e:3d:52:a1:b4:94:c7:a3:1d:
66:00:3b:cd:7a:38:bf:f6:0b:68:da:54:22:67:7a:
03:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
30:FB:F4:64:84:1F:F2:01:7A:DD:B4:55:CE:3F:F0:75:9F:9D:5D:96
X509v3 Authority Key Identifier:
keyid:D8:67:21:05:75:2B:98:21:74:D1:04:0C:10:38:17:57:0B:8D:34:D6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2GchBXUrmCF00QQMEDgXVwuNNNY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/MPv0ZIQf8gF63bRVzj_wdZ-dXZY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/e732f4-be84-429b-a18e-1518a733f970/1/2GchBXUrmCF00QQMEDgXVwuNNNY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.240.47.0/24
185.35.68.0/22
192.153.60.0/22
IPv6:
2a0c:c640::/29
Signature Algorithm: sha256WithRSAEncryption
89:e3:c4:d4:4a:2b:16:e2:4e:9e:68:a5:a7:8d:d0:a3:ba:4f:
25:51:f1:09:44:71:3c:29:3a:45:c5:26:79:cf:27:ef:82:ae:
0e:13:c8:e9:6d:65:f2:c0:a1:4f:79:12:57:2a:ae:55:d1:55:
b6:27:24:cf:84:ae:53:3e:bd:a2:73:eb:ab:56:78:98:67:e7:
39:8b:6a:ec:7b:df:1c:16:39:96:c3:f8:ef:e4:eb:a4:b7:d8:
23:75:f6:00:6d:33:65:31:29:b2:68:fb:35:bd:f7:19:72:c1:
59:72:c4:2f:58:81:18:3e:b1:d2:0b:0e:fc:0b:c9:5a:67:ce:
f4:7c:38:5c:4e:3a:05:a5:44:18:4d:04:56:44:1f:78:3a:26:
6e:c1:0e:42:48:3d:45:fa:0e:48:94:d6:50:78:b7:53:42:85:
0c:4d:a1:51:ba:c3:68:37:e5:f1:58:de:4c:5f:d5:20:1f:35:
68:39:ec:49:e4:4a:39:f2:5d:34:af:5b:62:d5:0a:df:5c:74:
30:23:19:16:0f:56:9c:0b:4a:09:e2:e6:9e:fa:62:67:8e:ad:
15:e4:42:23:c6:82:86:7c:04:ed:ce:be:e8:b6:78:3f:59:aa:
b9:f0:ea:69:2d:c2:f3:bc:b5:46:52:46:99:08:04:36:04:43:
8d:eb:42:6a
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZQma0dMW/wxUFnlKukRyRmfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4NjcyMTA1NzUyYjk4MjE3NGQxMDQwYzEwMzgxNzU3MGI4
ZDM0ZDYwHhcNMjUwMTAyMDk0OTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMGZiZjQ2NDg0MWZmMjAxN2FkZGI0NTVjZTNmZjA3NTlmOWQ1ZDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAot1AWg4VgZMIx4b+mv7zxubIQW
R0Wh2ziC+rsipzypunkDJ8tZV4Hshx5oZdlrpjMO5pj2UxzJ6JeXGhUR77onN1nK
kcA0FEyyqrWTQQzfDfax/bGm7gaVhumaK5zYS+j79+nZNpuxUcKSAe+0sXtilqTx
voVy6eLbvLwBPZeILmKeUGh6zGPn2rOfx9LHIAB8kuBgUJzhcRS3zY6r0m3sDDRY
27H8oaAMv4usxmYDKpNRHBM9NUXUIm+9v3WIAl5OF7SSzp+gX7XYzrvUV4SUtKi6
VBnf7iIfcG44AbxVS+Bm8NJuPVKhtJTHox1mADvNeji/9gto2lQiZ3oDlQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFDD79GSEH/IBet20Vc4/8HWfnV2WMB8GA1UdIwQY
MBaAFNhnIQV1K5ghdNEEDBA4F1cLjTTWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkdjaEJYVXJtQ0YwMFFRTUVEZ1hWd3VOTk5ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9lNzMyZjQtYmU4NC00MjliLWExOGUt
MTUxOGE3MzNmOTcwLzEvTVB2MFpJUWY4Z0Y2M2JSVnpqX3dkWi1kWFpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9lNzMyZjQtYmU4NC00MjliLWExOGUtMTUxOGE3MzNmOTcw
LzEvMkdjaEJYVXJtQ0YwMFFRTUVEZ1hWd3VOTk5ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW/AvAwQC
uSNEAwQCwJk8MA0EAgACMAcDBQMqDMZAMA0GCSqGSIb3DQEBCwUAA4IBAQCJ48TU
SisW4k6eaKWnjdCjuk8lUfEJRHE8KTpFxSZ5zyfvgq4OE8jpbWXywKFPeRJXKq5V
0VW2JyTPhK5TPr2ic+urVniYZ+c5i2rse98cFjmWw/jv5Oukt9gjdfYAbTNlMSmy
aPs1vfcZcsFZcsQvWIEYPrHSCw78C8laZ870fDhcTjoFpUQYTQRWRB94OiZuwQ5C
SD1F+g5IlNZQeLdTQoUMTaFRusNoN+XxWN5MX9UgHzVoOexJ5Eo58l00r1ti1Qrf
XHQwIxkWD1acC0oJ4uae+mJnjq0V5EIjxoKGfATtzr7otng/Waq58OppLcLzvLVG
UkaZCAQ2BEON60Jq
-----END CERTIFICATE-----
Generated at Tue Apr 8 04:58:34 2025 by rpki-client